> also remember, don't forget that openssl is experimental.

I am trying to find the more stable one. As mentioned before, I see
crashes with gnutls, and I figured I would try openssl based on
earlier comments from David.

My config is like below. I don't have load=gtls and I uninstalled the
rsyslog-gnutls package. I can compile the rsyslog package but was
hoping that I could do it with precompiled packages.

    action(
        type="omrelp"
        target="10.3.2.5"
        port="11514"
        tls="on"
        tls.authmode="name"
        tls.permittedpeer=["host.domain.com"]
    )

# rsyslogd -v
rsyslogd  8.2502.0 (aka 2025.02) compiled with:
PLATFORM: x86_64-redhat-linux-gnu
PLATFORM (lsb_release -d):
FEATURE_REGEXP: Yes
GSSAPI Kerberos 5 support: Yes
FEATURE_DEBUG (debug build, slow code): No
32bit Atomic operations supported: Yes
64bit Atomic operations supported: Yes
memory allocator: system default
Runtime Instrumentation (slow code): No
uuid support: Yes
systemd support: Yes
Config file: /etc/rsyslog.conf
PID file: /var/run/syslogd.pid
Number of Bits in RainerScript integers: 64

# rpm -qa|grep rsyslog
rsyslog-8.2502.0-1.el8.x86_64
rsyslog-relp-8.2502.0-1.el8.x86_64
rsyslog-openssl-8.2502.0-1.el8.x86_64


On Wed, Jun 25, 2025 at 9:56 PM Ozgur Karatas <[email protected]> wrote:
>
> On Wed, 25 Jun 2025 at 15:38, Mehmet Avcioglu via rsyslog
> <[email protected]> wrote:
> >
> > How does rsyslog decide whether to use gnutls or openssl? I
> > specifically installed the rsyslog-openssl package and removed
> > rsyslog-gnutls package from Rocky8 servers, but possibly gnutls is
> > still used instead of openssl, as the logs reference gnutls and I
> > still see rsyslog linking to gnutls library. Any insight would be
> > appreciated.
> >
>
> Hello,
>
> first use rsyslogd -v and check TLS support.
> second check your config:
>
> module(load="gtls") - gnutls
> module(load="omrelp") - relp tls
>
> also remember, don't forget that openssl is experimental.
> if you use source code please use:
>
> ./configure --enable-openssl
>
> Ozgur
>
>
> > I am using 8.2502 and relp. The reason why I want to try openssl
> > instead of gnutls is that sometimes (which I cannot reproduce myself)
> > right after gnutls error messages, like the ones given below, client
> > rsyslog exits.
> >
> > omrelp[11514]: error 'TLS record write failed [gnutls error -53: Error
> > in the push function.]'
> > imrelp[11514]: error 'TLS record write failed [gnutls error -408:
> > Cannot perform this action while handshake is in progress.]', object
> > 'lstn 11514: conn to clt 10.6.9.4' - input may not work as intended
> > "imrelp[11514]: error 'TLS handshake failed [gnutls error -54: Error
> > in the pull function.]', object  'lstn 11514: conn to clt 10.6.9.4' -
> > input may not work as intended"
> >
> > # ldd /lib64/rsyslog/omrelp.so | grep -E 'ssl|gnutls'
> > libgnutls.so.30 => /lib64/libgnutls.so.30 (0x00007894a4400000)
> > libssl.so.1.1 => /lib64/libssl.so.1.1 (0x00007894a4000000)
> >
> > # lsof -p $(pidof rsyslogd) | grep -E 'ssl|gnutls'
> > rsyslogd 2077751 root  mem       REG              253,0    619872
> > 402886459 /usr/lib64/libssl.so.1.1.1k
> > rsyslogd 2077751 root  mem       REG              253,0   2051648
> > 402886940 /usr/lib64/libgnutls.so.30.28.2
> >
> > # cat /proc/$(pidof rsyslogd)/maps | grep -E 'ssl|gnutls'
> > 7ffad7d8d000-7ffad7e14000 r-xp 00000000 fd:00 402886459
> >   /usr/lib64/libssl.so.1.1.1k
> > 7ffad7e14000-7ffad8014000 ---p 00087000 fd:00 402886459
> >   /usr/lib64/libssl.so.1.1.1k
> > 7ffad8014000-7ffad801d000 r--p 00087000 fd:00 402886459
> >   /usr/lib64/libssl.so.1.1.1k
> > 7ffad801d000-7ffad8021000 rw-p 00090000 fd:00 402886459
> >   /usr/lib64/libssl.so.1.1.1k
> > 7ffad8022000-7ffad81ff000 r-xp 00000000 fd:00 402886940
> >   /usr/lib64/libgnutls.so.30.28.2
> > 7ffad81ff000-7ffad83fe000 ---p 001dd000 fd:00 402886940
> >   /usr/lib64/libgnutls.so.30.28.2
> > 7ffad83fe000-7ffad840f000 r--p 001dc000 fd:00 402886940
> >   /usr/lib64/libgnutls.so.30.28.2
> > 7ffad840f000-7ffad8411000 rw-p 001ed000 fd:00 402886940
> >   /usr/lib64/libgnutls.so.30.28.2
> >
> > Thank you
> >
> > --
> > Mehmet
> > _______________________________________________
> > rsyslog mailing list
> > https://lists.adiscon.net/mailman/listinfo/rsyslog
> > http://www.rsyslog.com/professional-services/
> > What's up with rsyslog? Follow https://twitter.com/rgerhards
> > NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of 
> > sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T 
> > LIKE THAT.
> >